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1. PROJECT PROPOSAL 
ABSTRACT 


Session Two-Factor Authentication system is a system to provide an additional layer of 
security for Enterprise Resource Planning systems implemented at companies for personal 
computers and workstations. By implementing one-time passwords and or USB security 
tokens for session logins on an organization's Enterprise Resource Planning (ERP) systems, 
we hope to reduce the instances of cybercrime attacks on a company's systems. On the login 
page, a user is required to enter their username, password and a passcode which is the OTP 
generated by the system. The passcode will be as an QR code sent to a user's phone. The 
system will also implement a microchip that can embedded in a hardware token such as a 
staff identity card or a USB fob which the user can scan or insert into the machine to 


authorize login. 


BACKGROUND/INTRODUCTION 


During my external attachment through the period of November through to December 2019 
at Kenyatta National Hospital, I observed that the majority of users at the organization had 
weak passwords. This was particularly inherent for domain passwords, admin passwords and 
network switch passwords. Most passwords were shared across offices and most were known 
by multiple users. Some computers at the workplace had the password stuck on to the base of 
the monitor or they had a sticky note at the office noticeboard. For the proprietary ERP 
system at the hospital, users would use accounts of colleagues and share credentials with 
users who couldn't log in using their details. This was also observed by my fellow students in 


other offices where they completed their external attachments. 


PROBLEM STATEMENT 


In the recent years, cyber security has become a talking point in most, if not all, workplaces. 
Data privacy and security has come to the forefront as a main selling issue for most 
companies handling data belonging to individuals and organizations. Most organizations in 
recent times have moved to using Enterprise Resource Planning (ERP) systems to manage 
and integrate their business dealings. Companies integrate most or all of the processes 
required to run the company into an Enterprise Resource Planning system. Each department 
at an organization can have its own stand-alone computer system which is implemented as a 
single module on the ERP system. Employees can then interact with various departmental 
systems through the ERP system. The employees can share and request data, reports and 


resources from various departments which makes working easier. 


In the case that the system security of an Enterprise Resource Planning system was to be 
poorly or wrongly implemented, the Enterprise Resource Planning system is vulnerable to 


cyber-attacks and this would jeopardize company data and operations. 


JUSTIFICATION 


Security sensitive businesses would and should ultimately give priority to their clients' data 
privacy and information security. This would lead the business to make conscious decisions 
concerning data privacy and the system's overall security. One workstation being vulnerable 
means the network by extension is in danger. Inadequate security measures at the login phase 
of a system could possibly lead to malware attacks on workstations and the entire network, 


social engineering attacks on the corporation's systems. 


The goal of multi-factor authentication is to provide an additional layer of defence on ап 
organization's systems which makes the organization a harder target for cybercrime attacks. 
An attacker without access to a recognised system user's phone is less likely to infiltrate a 
system with two-factor authentication implemented. Two-factor authentication also helps 
greatly in audit trails where log files of data access are kept. For systems implementing 
chipset embedded staff cards or USB tokens, this guarantees faster and convenient system 


login. 


For more sensitive systems, systems dealing with sensitive data of an organization's clients, 
we will implement the *something you are" concept of multi-factor authentication. We wish 
to implement a fingerprint scanning system for individuals with higher access levels in an 
organization's system. This creates a better and more secure way to protect organizational 
data and information since higher placed individuals in an organization have access to more 
sensitive data. Two-factor authentication techniques help reduce the need for helpdesk calls 


by system users requiring help with password resets and other password related issues. 


LITERATURE RELEVANT TO YOUR PROPOSAL 


[1] [CITATION Nat16 М 2057 | Nath, Asoke & Mondal, Tanushree. (2016). Issues and 
Challenges in Two Factor Authentication Algorithms. International Journal of Latest Trends 
in Engineering and Technology (IJLTET). 6. 318-327. 


121 [ CITATION Sastry2020 М 2057 | Sastry, JKR. (2020). Multi-Factor Authentication 
through Integration with IMS System. International Journal of Emerging Trends in 
Engineering Research. 8. 87-113. 10.30534/ijeter/2020/14812020. 


[3] [ CITATION Ometov2018 V 2057 | Ometov, Aleksandr & Bezzateev, Sergey & Mäkitalo, 
Niko & Andreev, Sergey & Mikkonen, Tommi & Koucheryavy, Yevgeni. (2018). Multi- 
Factor Authentication: A Survey. Cryptography. 2. 10.3390/cryptography2010001. 


[4] | CITATION Ald17 112057 |. (2017). Multi-Factor Authentication System. 
RESEARCH METHODS AND DESIGN 


Our main research goal is understanding what are the current user authentication systems 
being used at organizations. We will want to gain this data from staff members at several 


organizations. We will use various qualitative and quantitative research methods. 


We will employ participant observation to learn about the current systems being implemented 
at organizations. This would provide a first person view of current systems. It is also a way to 


interact with system users and enquire about challenges with the current system and hear 


about what their thoughts about the system. This would be а great starting point on what 


features the system users would expect from a new system. 


Employees will be assessed at their workstation through a questionnaire which would yield 
data to back the problem statement. We will design and administer a survey based on some 
questions which would include how confident employees are of their passwords and the 
system's security overall, have they ever re-used passwords and how often, how stringent is 
the company on password etiquette and others. This would form a basis for a research paper 


on the topic and the subsequent system to be developed. 


We will also analyse statistical data from related works in the field of two-factor and multi- 
factor authentication to learn about the current breakthroughs in the industry. This also helps 


us to deduce what are some challenges we are likely to face along the way. 


METHODOLOGY 


Preliminary Investigation 


Learn Android 
Programming 


Testing, Debugging and Deployment 


SCHEDULE 


TASK | TASK DESCRIPTION DURATION | PREDECESSO 
R 

A Preliminary Investigation 3 weeks - 

B Prerequisite Research 3 weeks - 

C Study of existing systems 3 weeks B 

D Objectives specification 4 weeks C 

E System Design 4 weeks D 

F Construction 4 weeks E 

G Implementation, Testing and Debugging | 4 weeks E 

H Final Documentation 2 weeks G 


Table 1: Task Schedule 


) Mach 2020 April 2020 May 2000 June 2020 july 2000 
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Image 1: Task Gantt Chart 
BUDGET 
BUDGET QUANTITY | UNIT PRICE | COST PRICE 
Arduino UNO R3 1 1100 1100 
Atmel Atmega328P) 3 500 1500 
Arduino power supply 1 300 300 
Jumper Wires 40pcs 100 100 
Breadboard 1 300 300 
Miscellaneous (Transport, Lunch 2000 
etc.) 
TOTAL (Ksh.) 5300 


Table 2: Budget Estimation 
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OTHER INFORMATION 


We need to know and understand current security policies that are in place concerning 
personally identifiable information (PII) and user data. The system would have to be 


implemented according to these regulations and policies. 


Also, we would have to know about general workplace policies concerning system login and 
access policies. Such policies add upon the constraints of the system and as such, are issues 


that need to be considered during implementation of the system. 


CONCLUSION 


The Two-factor authentication system on implementation would enhance a company's 
security policies and protection of its system and data. The system is built on top of current 
systems therefore it would include minimal staff awareness programmes. The system would 
help users secure their own devices that they use on the organization's system. In addition, 
such a system would make employees aware of cyber security and the implications of 
insecure systems on the wellbeing of an organization. User awareness is critical in securing 


an organization's system. 
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2. LITERATURE REVIEW 


CONTEXT: Organizations and companies in the Kenyan market still employ single factor 
authentication although several articles have been published highlighting the shortcomings of 
this technology such as inappropriate password policies, vulnerability to social engineering 
and dictionary attacks. This paper proposes and implements a multi-factor authentication 
system for Enterprise Planning Systems (ERPs). We implement QR code and hardware token 
technologies in the system. Future work would go into implementing a fingerprint scanning 


technology for the system in critical data systems. 


OBJECTIVES: In this study, we investigate the impact of incorporating a two-factor 
authentication system into an organization. We compare and contrast our implementation of 
two-factor authentication against the existing ones with references on several published 
articles and research papers discussing multi-factor authentication implementations, 
challenges and vulnerabilities. We comment on the inherent advantages from the use of our 
implementation with the main goal to present a secure and user-friendly authentication 
system for Enterprise Resource Planning systems that uses a password together with a 
passcode and/or fingerprint. We evaluate the proposed system based on learnability and its 
performance compared to current security implementations. We strive to meet the following 
deliverables of the system; ease of use, cognitive effort required from the user and 


trustworthiness of the system by a user. 


METHODS: A literary study was performed in order to collect information on similar 
systems and subjects in order to build a comparable authentication model. The collected 
information and proposed model were then used to analyse possible drawbacks and to answer 


research questions. 


RESULTS: Results are derived from the comparison between our proposed model and 


already implemented 2FA systems by Google and YubiKey. 


CONCLUSIONS: The results yielded from the literary study and analysis shows that our 
proposed model does not add any advantages concerning security. Our model does, however, 
provide better ease of use in comparison with similar two-factor authentication solutions from 


Google. 
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KEYWORDS: Two-factor authentication, ERP systems, Enterprise Resource Planning 


system, fingerprint authentication, SMS authentication code, QR code implementation. 
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THESIS STATEMENT 


Current implementations of ERP systems have inadequate security measures to ensure safety 


from password attacks, particularly, phishing attacks. 


INTRODUCTION 


There can never be enough security. On the other hand, using faulty or 
weak protections may merely make you feel safe while you remain exposed 
to various threats. 


^ [ CITATION Sat2016 M 2057 ] 


Entering only your username and one password to login is considered as single-factor 
authentication; here being the password. Two factor authentication requires the user to have 
any two out of three or all the three types of credentials before being able to access an 


account. The three types of credentials are: 


* something you know- such as a personal identification number (PIN), password or a 
pattern 
° something you have- such as an АТМ card, phone, or fob 


° something you are- such as a biometric like a fingerprint, retina scan or voice print. 


Other forms of credentials, though not widely used, include somewhere you are for location- 
based access and someone you know implemented using social-authentication schemes 
(Dorothy et al., 1996; Brainard et al., 2006). Whenever any two of these factors are required 
for system login, that is two-factor authentication. Whenever more than two are required, that 
is multi-factor authentication. Over the years, passwords alone, one-factor authentication 
(1FA) have been widely used for login but their use has been marred by stolen credentials, 
phishing attacks, brute force attacks, shoulder surfing, replay attacks and keylogger trojan 
attacks. For ERPs implementing 1FA, this poses a great risk when dealing with client data 
and information. Password and credentials breaches have been laid bare on platforms such as 
Have I Been Pwned? with database records in the hundreds of millions | CITATION 
Troy2020 М 2057 |, billions of these passwords are readily available on the black market 
being sold to the highest bidders. Many of these are credentials to organizational systems 
which further place the organizations at risk of attacks. These data breach dumps magnify the 


risk when users have reused passwords for several accounts. 
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In the recent years, cyber security has become а talking point in most, if not all, workplaces. 
Data privacy and security has come to the forefront as a main selling issue for most 
companies handling data belonging to individuals and organizations. Most organizations in 
recent times have moved to using Enterprise Resource Planning (ERP) systems to manage 
and integrate their business dealings. Companies integrate most or all of the processes 
required to run the company into an Enterprise Resource Planning system. Each department 
at an organization can have its own stand-alone computer system which is implemented as a 
single module on the ERP system. Employees can then interact with various departmental 
systems through the ERP system. The employees can share and request data, reports and 
resources from various departments which makes working easier. In the case that the security 
of an Enterprise Resource Planning system was to be poorly or wrongly implemented, the 
Enterprise Resource Planning system is vulnerable to cyber-attacks and this would jeopardize 
company data and operations. Corporates have tens of employees where each could be a 
weak point to the system that would be exploited by attackers. An average person has 70-80 
passwords, according to the research by the password manager NordPass [ CITATION 
Jodi2020 М 2057 |. Taking each employee as a single independent entity and then as an 
employee of the organization, this escalates the risk probability of having a vulnerable user- 


login credential set. 


Colnago and the team cited research works studying the factors to the adoption of 2FA 
authentication adoption with focus on the interactions of usability, value, and adoption of the 


authentication system." (Colnago et al., 2018). 
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MFA was initially expected to be utilized for human-to-everything interactions to enable fast, 
user-friendly, and reliable authentication when accessing a service (Ometov et al., 2018). 
Previous works highlight and expound on the usability of the MFA technologies with some 
being specific to hardware tokens (Das et al., 2018; De Cristofaro, Du, Freudiger, & Norcie, 
2014; Gunson, Marshall, Morton, & Jack, 2011; Velásquez, Caro, & Rodríguez, 2018). 


Jessica Colnago and her team (Colnago et al., 2018), examined the user behaviours and 
opinions around adoption, surrounding a mandatory adoption deadline. Their results show 
that 2FA adopters found it although annoying, it was fairly easy to use, and the users believed 
it made their accounts more secure; also, experience with CMU Duo often led to positive 
perceptions, sometimes translating into 2FA adoption for other accounts. The issue of 
additional required user input at authentication while using 2FA systems is considered 


Previous work by Strouble, (Strouble, Shechtman, Alsop, & Strouble, 2009), showed that 
although Common Access Cards- a smart staff photo ID card used by employees, improved 
system security, it brought along decreased productivity. They estimated that the United 
States of America Department of Defence spent about 10.4 million dollars on time lost (e.g., 
when employees left the base without their card and were unable to re-enter) which bubbled 
down to decreased productivity of the organization. 


De Cristofaro et. al (De Cristofaro et al., 2014) found out the following concerning usability 
of the 2FA technologies they examined; From the nine participants in the survey who 
reported to have used 2FA technologies, they used either in three contexts: (i) work-related 
reason (e.g., to log into their company's VPN), (ii) personal reason (e.g., to protect a social 
networking account), or (iii) financial reason (e.g., to gain access to online banking). Some 
issues the participants raised about the 2FA technologies included: 


• it was annoying to have to remember to carry security tokens 

e users experienced delays from SMS- based codes and were “annoyed, especially when 
paying for incoming texts." 

* one user pointed out that (s)he “preferred text messages", since (s)he “did not have a 
smartphone." 

* security tokens can be lost 

e° some participants preferred tokens as they are easier to use compared to mobile 
applications, where one has to *look down to unlock screen, find app, open app, and read 
the code." 


Bonneau et al. argued that in order for an authentication technology to be broadly acceptable as a 
password replacement, it must outperform passwords on multiple fronts such as cognitive burden, 
physical burden, scalability, and privacy preservation (Bonneau & Oorschot, 2012). Stajano proposed 
five core attributes for the token: secure, memoryless, scalable, loss resistant, and theft resistant. While 
the security key does introduce an added responsibility, it is lightweight, and is physically effortless as 
its operation is only a button press. It is secure, scalable, as well as unlikely to be lost or stolen. It is 
also password compatible (Stajano, 2011). A Google report on adoption benefits of 2FA technologies, 
examined the benefits of adoption in quantitative terms of password support costs. They proposed that 


2FA technologies which are mandatory for continued employment will be used by all employees, but 
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this does not make them inherently acceptable in the larger market. The work of Cristofaro's team, 
who categorized reasons for use of 2FA technologies as either forced, voluntary or via incentives (De 
Cristofaro et al, 2014), further supports the conclusion of the Google report. Even when the 
company-placed policies to have every employee use 2FA technology are implemented, this did not 


positively impact the acceptability of the technologies. 


Account takeover prevention rates, 
by challenge type 


Device-based challenges Knowledge-based challenges 


73% 


On-device 
prompt 


Sed addc. G 
email address 


79% 


SMS Phone 
code number 
: 
ecurity 5 Last sign-in 
key se цій 
@ Automated bot @ Bulk phishing attack Ө Targeted attack i 9555 confidence interval 


Image 2: The Anatomy of Account Takeover. (Milka, 2018) 
There exists several programming concepts and technologies we could implement for the system 
architecture. With regard to 2FA possible implementations, we can use either TOTP, HOTP and U2F 
algorithms. In this paper, we look into each of these technologies and compare and contrast each one 
to try and come up with an up-to-date modern hardware token that is not prone to attacks due to the 
algorithm used. Satoshilabs compared and listed benefits of U2F (Universal 2-Factor) over Time- 
based One Time Passwords (TOTP) | CITATION Sat2016 V 2057 1. 


The works of Whitten and Norcie proposed the following six heuristics for a usable, acceptable secure 
system: (Norcie, Blythe, Caine, & Camp, 2014; Whitten & Tygar, 1999) 


% user installation (setting up the technology with user accounts) precedes user operation (using 
the system) 

* ensure users are aware of trade-offs of the technology 

° сау why you are using 2FA technologies and not how 

e make users aware of the needed security tasks 

• сап perform these tasks without making dangerous errors e.g. locking out authentic user 
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e users interacting with the system should result in continued use of the security technology. 


These are design concepts we will consider and incorporate in the design and build of the proposed 
system as desirable features. 


CONCLUSION 


The use of our 2FA system in conjunction with a password manager would go a long way to 
improving the security of an organization's ERP system. 
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3. SYSTEM DESIGN AND ANALYSIS 


SYSTEM USE CASES 


ANDROID APPLICATION 
The user installs the TwoFA application on a smartphone for use. 


Service Registration 
To register a new service: 


* the site displays an encrypted secret key in a QR code format. 

• the user presses the “Add service (+)” button on ће TwoFA application. 

* the user scans the QR code provided by the ERP to extract the secret key. 

* the app generates ап OTP using time now and the secret key as inputs to a НМАС-5НА1 
function. 


* the ERP's OTP is then added to the app and is displayed on the main page. 


User Authentication 
* the user, on the ERP login page, enters their username and password. 


* the ERP requests for the passcode, which the user can find in the TwoFA application. 

* the ERP, in the background, computes the required six-digit OTP but does not show the 
passcode. 

* the user runs the TwoFA application, which independently generates the current OTP to 
produce an OTP/passcode (НМАС-5НА1). 

* the user types in the OTP/passcode from the TwoFA application into the ERP login 


request. 


HARDWARE SECURITY KEY 


Service Registration 
To register a new service for use with the TwoFA security key: 


* user requests for U2F key integration for their account, the ERP responds by asking them 
to insert their U2F device. 

* the ERP passes the UserID of the user to the key device. 

e {һе key generates a random number, which is called a nonce. It uses a secure hash 
function to mix this with the user's user ID on the ERP and a secret key, which never 
leaves the device, to generate a unique private key for the user's account. 

* From this unique private key, the device works out a public key and a secure checksum 
using HMAC-SHA256, which it sends to the ERP server along with the nonce. The 
private key never leaves the device. 
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User Authentication 

* ERP generates a challenge- a random number, and passes this to the security key, along 
with the nonce and checksum given to the ERP on registration. 

* The security key applies the same processing it used during registration, to generate the 
same private key for the user. It uses the checksum to confirm that the nonce really did 
come from the device originally; check if checksum from ERP system is same as the just 
calculated checksum. 

* The device then signs the challenge from the ERP with the private key using something 
called elliptic curve cryptography (ECDSA with curve secp256r1 for the crypto-heads!) 
and sends this back to the ERP. 

* The ERP auth. system verifies the signature using the public key that the device sent 
during registration. 


2 TwoFA Security 


2.1 Service 


n 


Figure 1: System Decomposition 
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SEQUENCE DIAGRAMS 
Service Registration (Android App) 


Service Registration (Android Application) 


User 


| 
Request MFA integration | 
| - 
| display QR Code QRCodeGenerator() 
І------------------ Messer un een 
open "Add Service" activity — | 
scan QR code 
secret key 
E 
OTPGenerator() 
display ОТР 
submit ОТР | 
> 
VerifyOTP() 
loginSuccessfulResponse() 
Valid signature р 
Invalid Signature InvalidLoginRepsonse() 
< 


X 


Image 4: Sequence diagram for Android User Registration 


User Authentication (Android App) 


User Authentication (Android App) 


User 


p ee ERP. 
l 
| 
| 


OTPGeneration() 


login request 
+ 


OTP request 


OTPGeneration() 


check current OTP 


OTPVerification() 


tl 


Valid signature 
loginSuccessfulResponse() 


Invalid Signature 
InvalidLoginRepsonse() 
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Image 5: Sequence diagram for Android User Authentication 
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Image 6: Sequence diagram for U2F Key account registration 
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Image 7: Sequence diagram for U2F Key User Authentication 


Security Key Chip Programming - 


= M. 
` wd 9 дові роси ¿Z ` 


Image 8(a) and 8(b): Teensy 4.0 Board (a) Front and (b) Back 


SYSTEM REQUIREMENTS 


ANDROID APPLICATION 
To build the Android application, the following are required: 


Software Requirements 
e System running SDK Java 8 and above for use in Android Studio IDE. 
e Android Studio IDE for development. 


Hardware Requirements 
e Android phone for testing 
° Phone camera for QR scanning 


HARDWARE SECURITY KEY 
To build the U2F security key, the following are required: 


Software Requirements 

e Eclipse CDT for C/C++ for development (or equivalent). This can also be replaced 
with Arduino IDE. 

• System running JDK Java 11 and above for use in Eclipse IDE. 

e  Sloeber Plugin on Eclipse CDT- provides some Arduino functionalities in the IDE. 
Can be installed from the Eclipse Marketplace. This requires that the Arduino IDE be 
installed on the machine also. 

e  Teensyduino Uploader Software to upload file to the Teensy board. 

e MinGW for code compilation. 

* Library requirements: MbedTLS and Micro-ECC. This requires that the Arduino IDE 
be installed on the machine also. 


Setting up the libraries: 


1. MbedTLS as an Arduino Library: 
e Create ап MbedTLS folder in your Arduino Libraries, ie, іп 
"Arduino/hardware/teensy/avr/libraries/MbedTLS". 
e Create another mbedtls folder inside this, i.e., 
"Arduino/hardware/teensy/avr/libraries/MbedTLS/mbedtls". 
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* Download mbedtls zip file from [https://tls.mbed.org/download], unzip it in a temporary 
location, and copy all the files from "/include/mbedtls" into the above "mbedtls" 
folder. Also copy the files from "/library" into the same mbedtls folder. 

e Edit the file "config.h" that was copied from "include/mbedtls" to have the content 
defined in mbded tls config.h 

2. Micro-ECC as an Arduino Library: 
e Create a "uECC" folder under Arduino Libraries i.e., 'Arduino/libraries/uECC". 
* Download the zip file from [https://github.com/kmackay/micro-ecc] and unzip it under 


the uECC folder, so that uECC.c and uECC.h are directly in the "uECC" folder i.e., 
"Arduino/libraries/uECC/uECC.h”. 
* Delete the test directory. 


Hardware Requirements 
° Teensy 4.0 board 


INPUT TO THE SYSTEM 


ANDROID APPLICATION 
Android application takes input as a QR-code which has the embedded secret key used for 
the one-time code generation. 


HARDWARE SECURITY KEY 
The U2F security key takes as input the UserID during registration and a challenge and nonce 
during user authentication. 


PROCESSING 


ANDROID APPLICATION 
The Android application extracts the secret key from the QR-code and uses it as an argument 
to the OTP generation. Therefore, there are two processing elements: 


• scan QR code- input-QR code, output-secret key) 
e generate TOTP- the input is secret key and Unix Time and proceeds to output a 6-digit 
TOTP code. 


Particularly, for my proof-of-concept implementation using the GitHub website as the stand- 
in for ап ERP system, I used НМАС-5НА1 hashing algorithm for code generation. This is 
because it is the same hashing algorithm used on the server-side, GitHub. The TOTP code 
produced by each of the hashing algorithms, given the same secret key, is different and would 
therefore not authenticate a user. Other algorithms that could be used such as SHA3 
algorithms provide better security since it is not vulnerable to length extension attacks as 
would be the case with SHA1 and SHA2 algorithms which are based on a MD5-like 
structure. 


HARDWARE SECURITY KEY 
The key can perform the following functions: 


e Deterministic random number generation (DBRG) using an Entropy-derived seed 
value. This produces the required nonce value and checksum/attestation value used іп 
other parts of the system. 
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e Asymmetric encryption- it is based on elliptic curve cryptography to produce a public 
key and private key pair. 
* Digital signing- uses Elliptic Curve Digital Signing algorithm (ECDSA). 


OUTPUT FROM THE SYSTEM 


ANDROID APPLICATION 
It produces a 6-digit TOTP code every 30 seconds. 


HARDWARE SECURITY KEY 
During key registration for a platform or website, it outputs a public key, nonce, checksum- 
that are sent to the ERP system. 


During signing a challenge, the key outputs the signature appended to the challenge sent by 
the ERP system. This data is sent to the ERP server for verification. 
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4. SYSTEM TESTING & IMPLEMENTATION 


TESTING 


ANDROID APPLICATION 

For testing on the android application, we used the Junit 4 framework in conjunction with the 
Truth library. The development of the system was test-driven as test cases were developed 
and run before development of the product. Unit tests were written for the main features of 
the system i.e., the MainActivity page, the ORScanner page and for the OTP Generation 
functionality. 


lroidTest java сот ` collins Њо fa app © MainActivityUnitTest Ау MainActivityUnitTest = | О, vivo vivo Y66L v | Р 5 тої Gt о v 
эд w © = & — Є MainäctivityUnitTest,java © MainActivity java © ExampleinstrumentedTest.java 

' » public class MainActivityUnitTest í 

manifests aRule 


public ActivityTestRule <MainActivity> mActivityTestRule = new ActivityTestRule<->(MainActivity.class); 


java 
! private MainActivity mActivity - null; 


com.collins.two fa арр 
Model 


Before 
© GlobalVar public void setUp () throws Exception{ 
© НМАСЗНАТ mActivity = mActivityTestRule.getActivity(); 
© MainActivity } 
© OTPGenerator gTest 
© QR Scanner r public void TestLaunch() í 
© ScheduleOTPGeneration View view = mActivity.findViewById(R.id.current_otpTxt); 


com;collinstwo-fa app (android assertNotNull(view); 


‘© ExamplelnstrumentedTest > 


- after 
© MainActivityUnitTest public void TearDown() throws Exception{ 
© OTPGeneratorTest mActivity = null; 


com.collins.two fa app (test) 1 


java (generated MainActivityUnitTest 


MainActivityUnitTest 

онип тт + Y © Tests passed: 1 of | test – 687 ms 

Terminated 687ms Testing started at 23:19 ... 
com.collins.two fa app.Main/ 587 n 


«ТН ацан 02/06 23:19:12: Launching 'MainActivityUnitTest' оп vivo vivo Y66L. 


Install successfully finished in 23 s 420 ms. 

Running tests 

$ adb shell am instrument -w -r -e debug false -e class 'com.collins.two fa app.MainActivityUnitTest' com.col 
Started running tests 

Connected to process 8769 on device 'vivo-vivo y66l-9dc7f216'. 


Tests passed: 1 
cat Ë Database Inspector Profiler = TODO P ÈRON Ei Terminai 9с “ Build 


Image 9: MainActivity page test case. 
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ıdroidTest java сот ` collins > two fa app ©! OTPGeneratorTest (4). OTPGenTest А, OTPGenTest ” | vivo vivo YOOL у № = 


j œ Android у Ө = Ф — € MainActivity.java © QR Scanner.java © OTPGeneratorTest.java 
і © MainActivity 
| © OTPGenerator gTest 
| © QR Scanner » public void OTPGenTest() í 
: @ ScheduleOTPGeneration OTPGenerator пемі - new OTPGenerator(); 
E i Вэ" ". 
E com.collins.two fa app (androidTe String testText = "6VRPSQNIQGXEUXHM"; 
š Оаа String result = new1.0TPGen(testText); 
| € ма Ре N = String expected = "757753"; 
ee assertEquals(result.length(),expected.length()); 
H © OTPGeneratorTest 
x 
: com.collins.two_fa_app (test) ] 
š 
! Fs java (generate ) 
3 zres 
H 
i = res (generated OTPGeneratorTest > OTPGenTest() 
» Debug: OTPGenTest() 


Debugger El Console 


МОГ Z = v Tests passed: 1 of | test - 25 ms 

U/inrrdirdCK: тгаскіпе üisdULteU UUE LU LdCK UT Internet permissions 

I/UsageTrackerFacilitator: Usage tracking disabled 

D/TestExecutor: Adding listener androidx.test.internal.runner.listener.LogRunListener 
Adding listener androidx.test.internal.runner.listener.InstrumentationResultPrinter 
Adding listener androidx.test.internal.runner.listener.ActivityFinisherRunlistener 

I/TestRunner: run started: 1 tests 


+ Test Results 25ms 
У" com.collins.two fa app.OTPGe 25 ms 
4 OTPGenTest 25 


т Started running tests 
: ж I/TestRunner: started: ОТРбепТеѕ? (сот. со11іпѕ. їмо fa арр.ОТРбепегатогТе51) 
à I/TestRunner: finished: OTPGenTest(com.collins.two fa app.OTPGeneratorTest) 
run finished: 1 tests, 0 failed, 0 ignored 

I/MonitoringInstr: waitForActivitiesToComplete() took: 0ms 
j Disconnected from the target VM, address: 'localhost:52106', transport: ‘socket’ 
5 Tests ran to completion. 
H 


= & logat Ё Database Inspetor Profiler = TODO | b 4 Run | Я 5: Debug ЕЯ Terminal 9 Git & Build 


Image 10: Test case run for the OTP Generation functionality. Since there is no 
way to know which TOTP code is produced for a given secret key, we tested for 
the length of the function's output which asserted the function works as 
intended- produce a 6-digit TOTP. 


HARDWARE SECURITY KEY 

We experienced difficulty running a testing framework for the hardware key but we 
developed the system with a DEBUG functionality. A boolean variable DEBUG was used to 
provide feedback to the user with frequent console messages to describe what the system was 
doing and any errors encountered. 


IMPLEMENTATION 


ANDROID APPLICATION 


User interface 

The android application has two main interfaces, the main page and the QR scanner page. We 
went for a minimal and user-friendly interface design with the buttons having explanatory 
names to describe their expected functionality. For the proof-of-concept implementation, we 
have used the “Schedule” button to start OTP Generation and “Cancel” button to cancel OTP 
Generation. In a later version of the application, this can be redesigned to get rid of the 
buttons and generation can be started automatically after a QR code is scanned. The “+” 
button is used to add a service for OTP code generation using this device. 
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4G ull G ull OK/s (9) 4G ull G ull OK/s Е (9 14:18 абий! Gull 0.2K/sE] 69 14:19 


TwoFA €  TwoFA TwoFA 


ERP Current OTP 


242072 і 


GitHub 


ERP Current OTP 


012345 


Issuer 


SCHEDULE SCHEDULE 


CANCEL CANCEL 


Image 11(a), (b) and (c) left to right: User Interface. (a) is of the default main 
page with no services registered for 2FA using this device. (b) is the QR 
scanning activity page. (c) shows the service *GitHub" has been registered on 
this device and its current usable code. The progress bar on its right is a 30- 
second countdown timer that refreshes each time a new code is generated. 


HARDWARE SECURITY KEY 

The security key has no interfaces or buttons to capture interactions between the user and the 
system. The user connects the key to a computer through a USB port when prompted and the 
key will initiate and run all processing required without user intervention. A challenge we 
experienced during deployment of the security key was that there was no communication 
between the webserver and the key. The computer on which we were running the test 
deployment recognized the device and it appeared on the Device Manager tool as a security 
device but we could not establish a connection with the webpage we were testing on, GitHub. 
A possible reason could be that there was miscommunication on the web sessions of the web 
server and the key. 


28 


File Action View Help 
€ ess m 


> П Processors 
м B; Security devices 
H? Trusted Platform Module 1.2 
Й Software devices 
í| Sound, video and game controllers 
> Še Storage controllers 
Ku System devices 
» 9 Universal Serial Bus controllers 


w w 


w 


Image 12: Device Manager tool shows the device is recognized as a security 
device 
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APPENDIX A 


ANDROID SOURCE CODE 


JAVA FILES 
GlobalVar.Java 


package com.collins.two_fa_app; 
import android.app.Application; 
import java.util.HashMap; 
public class GlobalVar extends Application { 
private static String secret; 
private static String issuer; 
private static String current_otp; 
private static HashMap<String,String> combo = new HashMap<String, String>(); 


// public GlobalVar (String sec, String iss,String otp)( 


// this.secret = sec; 

// this.issuer = 155; 

// this.current otp - otp; 
// 3 


public HashMap<String, String» getCombo() í 
return combo; 
} 


public void setCombo(HashMap<String, String» combo) í 
this.combo - combo; 
} 


public static String getSecret() { 
return secret; 
} 


public void setSecret(String secret) { 
GlobalVar.secret = secret; 
} 


public static String getIssuer() { 
return issuer; 
j 


public void setIssuer(String issuer) ( 
GlobalVar.issuer - issuer; 
} 


public void setCurrent otp(String current otp) { 
GlobalVar.current otp - current otp; 
j 


public String getCurrent otp() 4 
return current otp; 
j 


1 


MainActivity.Java 
package com.collins.two fa app; 


import android.app.job.JobInfo; 
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import android.app.job.JobScheduler; 
import android.content.ComponentName; 
import android.content.Intent; 
import android.os.Bundle; 

import android.util.Log; 

import android.view.Menu; 

import android.view.MenuItem; 

import android.view.View; 

import android.widget.Button; 

import android.widget.ProgressBar; 
import android.widget.TextView; 


import androidx.appcompat.app.AppCompatActivity; 
import androidx.appcompat.widget.Toolbar; 


public class MainActivity extends AppCompatActivity 4 
Button add service, scheduleJob, cancelJob; 
private static final String TAG -"MainAct"; 
static TextView totpTxt, issuerTxt; 
static ProgressBar progressbar; 


@Override 

protected void onCreate(Bundle savedInstanceState) { 
super.onCreate(savedInstanceState); 
setContentView(R.layout.activity_main); 
Toolbar toolbar = findViewById(R.id.toolbar); 
setSupportActionBar (toolbar); 


issuerTxt = findViewById(R.id.issuerTxt); 

totpTxt = findViewById(R.id.current_otpTxt); 

add service = findViewById(R.id.add service); 

scheduleJob - findViewById(R.id.scheduleJob); 

cancelJob - findViewById(R.id.cancelJob); 

progressbar - findViewById(R.id.progress circular); 

add service.setOnClickListener(new View.OnClickListener() í 


@Override 
public void onClick(View v) { 
addService(v); 
3); 
scheduleJob.setOnClickListener(new View.OnClickListener() 4 
@Override 
public void onClick(View v) { 
scheduleJob(v); 
}); 
cancelJob.setOnClickListener(new View.OnClickListener() 4 
@Override 
public void onClick(View м) ( 
cancelJob(v); 
) 
3); 


j 


public void addService(View view){ 
Intent addService - new Intent(this, QR Scanner.class); 
startActivity(addService); 


j 


public void scheduleJob(View view){ 
GlobalVar gv - new GlobalVar(); 
ComponentName componentName - new ComponentName(this, 
ScheduleOTPGeneration.class); 

JobInfo info - new JobInfo.Builder(123, componentName) 
.setPeriodic(30000) 
.setPersisted(true) 
.build(); 

JobScheduler scheduler - (JobScheduler) 
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getSystemService(JOB SCHEDULER SERVICE); 


if (!gv.getCombo().isEmpty() && info!-null) 4 
int result code - scheduler.schedule(info); 
if (result code -- JobScheduler.RESULT SUCCESS) ( 
Log.d(TAG * Thread.currentThread().getId(), "job scheduled"); 


"74 


issuerTxt.setText(gv.getCombo( ).keySet().toArray()[0].toString()); //fetching the 
hashmap object 


j 


totpTxt.setText(gv.getCurrent otp()); 


) 

} 

else{ 
Log.e(TAG + Thread.currentThread().getId(), "Empty combo object"); 
Log.e(TAG, "job scheduling failed"); 

1 


public void cancelJob(View view) 4 


JobScheduler scheduler - (JobScheduler) 


getSystemService(JOB SCHEDULER SERVICE); 


J 


scheduler.cancel(123); 
issuerTxt.setText("Issuer"); 
totpTxt.setText("012345"); 
MainActivity.progressbar.setProgress(0); 
Log.d(TAG, "job cancelled"); 


@Override 
public boolean onCreateOptionsMenu(Menu menu) { 


j 


// Inflate the menu; this adds items to the action bar if it is present. 
getMenuInflater().inflate(R.menu.menu main, menu); 
return true; 


@Override 
public boolean onOptionsItemSelected(Menultem item) { 


// Handle action bar item clicks here. The action bar will 

// automatically handle clicks on the Home/Up button, so long 
// as you specify a parent activity in AndroidManifest.xml. 
int id = item.getItemId(); 


//noinspection SimplifiableIfStatement 


if (id == R.id.action_settings) { 
return true; 
} 


return super.onOptionsItemSelected(item); 


public void onDestroy() 4 


j 


super.onDestroy(); 


QR Scanner.Java 
package com.collins.two fa app; 


import 
import 
import 
import 
import 
import 
import 


android.Manifest; 
android.app.Activity; 
android.content.pm.PackageManager; 
android.net.Uri; 
android.os.Bundle; 
android.widget.TextView; 
android.widget.Toast; 
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import androidx.annotation.Nullable; 
import androidx.appcompat.app.AppCompatActivity; 
import androidx.core.app.ActivityCompat; 


import com.karumi.dexter.Dexter; 

import com.karumi.dexter.PermissionToken; 

import com.karumi.dexter.listener.PermissionDeniedResponse; 
import com.karumi.dexter.listener.PermissionGrantedResponse; 
import com.karumi.dexter.listener.PermissionRequest; 

import com.karumi.dexter.listener.single.PermissionListener; 


import java.util.HashMap; 
import me.dm7.barcodescanner.zxing.ZXingScannerView; 


public class QR Scanner extends AppCompatActivity implements 
ZXingScannerView.ResultHandler 4 

private static final String TAG - "QRScanner"; 

private ZXingScannerView scannerView; 

private TextView secretTxt; 

private Uri uri; 

String secret key, issuer; 


// Camera Permissions 

private static final int REQUEST CAMERA PERMISSION - 1; 

private static String[] PERMISSIONS CAMERA = ( 
Manifest.permission.CAMERA 

); 


public static void verifyCameraPermissions(Activity activity) 4 
// Check if we have write permission 
int permission - ActivityCompat.checkSelfPermission(activity, 
Manifest.permission.CAMERA); 


if (permission !- PackageManager.PERMISSION GRANTED) { 
// We don't have permission so prompt the user 
ActivityCompat.requestPermissions( 
activity, 
PERMISSIONS CAMERA, 
REQUEST CAMERA PERMISSION 


); 
) 


@Override 

public void onCreate(@Nullable Bundle state) { 
super.onCreate(state); 
setContentView(R.layout.gr scanner); 
//init 
scannerView = findViewById(R.id.zxscan); 
secretTxt = findViewById(R.id.secret_txt); 


verifyCameraPermissions(this); 
//request permissions 
Dexter.withContext(this) 
.withPermission(Manifest.permission.CAMERA) 
.withListener(new PermissionListener(){ 
@Override public void onPermissionGranted(PermissionGrantedResponse 
response) 4 
scannerView.setResultHandler(QR Scanner.this); 
scannerView.startCamera(); 


@Override 
public void onPermissionDenied(PermissionDeniedResponse response) ( 
Toast .makeText(QR_Scanner.this, "Allow the app to access the 
camera",Toast.LENGTH SHORT).show(); 


j 
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QOverride 
public void onPermissionRationaleShouldBeShown(PermissionRequest 
permission, PermissionToken token) 41 } 


3) 
.check(); 
) 
@Override 


public void onResume() { 
super.onResume(); 
scannerView.setResultHandler(this); // Register ourselves as a handler for 
scan results. 
scannerView.startCamera(); // Start camera on resume 
j 


@Override 

public void onPause() ( 
scannerView.stopCamera(); // Stop camera on pause 
super.onPause(); 


4 


QOverride 

protected void onDestroy() 4 
scannerView.stopCamera(); 
super.onDestroy(); 


j 


@Override 
public void handleResult(com.google.zxing.Result rawResult) 4 
String text - rawResult.toString(); 


if (text.startswith("otpauth://totp/")) 4 
uri - Uri.parse(text); 
secret key - uri.getQueryParameter("secret"); 
issuer - uri.getQueryParameter("issuer"); 
HashMap<String, String> combinations = new HashMap<String, String>(); 
combinations.put(issuer,secret key); 
GlobalVar gv = new GlobalVar(); 
gv.setIssuer(issuer); 
gv.setSecret(secret key); 
gv.setCombo(combinations); 


//debug 
// secretTxt.setText(secret key); 
// Log.d(TAG + " combo", gv.getCombo( ).toString()); 


//TODO: start OTP Generation automatically 
//TODO: go back automatically to main page 
onBackPressed(); 


j 


else ( 
secretTxt.setText("Invalid QR code. Scan a TOTP QR code"); 
scannerView.resumeCameraPreview((ZXingScannerView.ResultHandler) 
QR Scanner.this); 


// scannerView. resumeCameraPreview( (ZXingScannerView. ResultHandler ) 
QR_Scanner.this); 


} 
} 


HMACSHA1.Java 


package com.collins.two_fa_app; 


import java.security.GeneralSecurityException; 
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import java.util.Arrays; 
import javax.crypto.Mac; 
import javax.crypto.spec.SecretKeySpec; 


EES 

* Two factor Java implementation for the Time-based One-Time Password (TOTP) 
algorithm. 

* 


* See: https://github.com/j256/java-two-factor-auth 
* 
* Copyright 2015, Gray Watson 
ТУ” 
public class HMACSHA1 í 


/** gefault time-step which is part of the spec, 30 seconds is default */ 
public static final int TIME STEP SECONDS - 30; 

/** set to the number of digits to control 0 prefix, set to 0 for no prefix */ 
private static int NUM DIGITS OUTPUT - 6; 


private final String blockOfZeros; 


{ 
StringBuilder sb = new StringBuilder (NUM DIGITS OUTPUT); 
for (int i = 0; i < NUM DIGITS OUTPUT; i++) £ 
sb.append('0'); 
blockOfZeros - sb.toString(); 
j 


public НМАС5НА1() 4) 


public String generateTOTP(String secret) throws GeneralSecurityException í 
return generateTOTP(secret, System.currentTimeMillis()); 
j 


public String generateTOTP(String secret, long currentTimeMillis) throws 
GeneralSecurityException 4 


byte[] key - decodeBase32(secret); 
byte[] data - new byte[8]; 
long value - currentTimeMillis / 1000 / TIME STEP SECONDS; 
for (int i = 7; value > 0; 1--) í 
data[i] - (byte) (value & OxFF); 
value >>- 8; 


j 


// encrypt the data with the key and return the 5НА1 of it in hex 
SecretKeySpec signKey - new SecretKeySpec(key, "HmacSHA1"); 

// if this is expensive, could put in a thread-local 

Mac mac - Mac.getInstance("HmacSHA1"); 

mac.init(signKey); 

byte[] hash - mac.doFinal(data); 


// take the 4 least significant bits from the encrypted string as an offset 
int offset - hash[hash.length - 1] & OxF; 


// We're using a long because Java hasn't got unsigned int. 
long truncatedHash - 9; 
for (int i = offset; 1 < offset + 4; ++i) 5 

truncatedHash ««- 8; 

// get the 4 bytes at the offset 

truncatedHash |- (hash[i] & OxFF); 


3 
// cut off the top bit 
truncatedHash &- Ox7FFFFFFF; 


// the token is then the last 6 digits in the number 
truncatedHash %= 1000000; 
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return zeroPrepend(truncatedHash, NUM DIGITS OUTPUT); 
j 


String zeroPrepend(long num, int digits) ( 
String hashStr - Long.toString(num); 
if (hashStr.length() »- digits) 4 
return hashStr; 
) else ( 
StringBuilder sb - new StringBuilder(digits); 
int zeroCount - digits - hashStr.length(); 
sb.append(blockOfzeros, ©, zeroCount); 
sb.append(hashStr); 
return sb.toString(); 
} 
j 


JER 
* Little decode base-32 method. We could use Apache Codec but I didn't want to 
have the dependency just for this 
* decode method. Exposed for testing. 
*/ 
byte[] decodeBase32(String str) 4 
// each base-32 character encodes 5 bits 
int numBytes = ((str.length() * 5) + 4) / 8; 
byte[] result - new byte[numBytes]; 
int resultIndex - 0; 
int which - 0; 
int working - 0; 
for (int i = 0; i < str.length(); i++) 4 


char ch str.charAt(i); 

int val; 

if (ch »- 'a' && ch «- 'z') 4 
val = ch - "а"; 


) else if (ch >= "А! 88 ch <= 'Z') í 
val = ch - 'A'; 
} else if (ch >= '2' 88 ch <= '7') í 
val = 26 + (ch - '2'); 
) else if (ch == '=') í 
// special case 
which - 0; 
break; 
) else 4 
throw new IllegalArgumentException("Invalid base-32 character: " + ch); 
) 
ZF 
* There are probably better ways to do this but this seemed the most 
straightforward. 
б 
switch (which) 4 
case 0 : 
// all 5 bits is top 5 bits 
working - (val & Ox1F) «« 3; 
which - 1; 
break; 
case 1 : 
// top З bits is lower З bits 
working |- (val & 0х1С) »» 2; 
result[resultIndex++] = (byte) working; 
// lower 2 bits is upper 2 bits 
working = (val & 0x03) << 6; 
which = 2; 
break; 
case 2 : 
// all 5 bits is mid 5 bits 
working |= (val 8 ӨХІЕ) << 1; 
which - 3; 
break; 
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case 3 
// top 1 bit is lowest 1 bit 
working |- (val & 0x10) »» 4; 


result[resultIndex++] = (byte) working; 


// lower 4 bits is top 4 bits 
working = (val 8 OxOF) << 4; 
which = 4; 
break; 

case 4 : 
// top 4 bits is lowest 4 bits 
working |- (val & Ox1E) »» 1; 


result[resultIndex++] = (byte) working; 


// lower 1 bit is top 1 bit 
working = (val & 0x01) << 7; 
which = 5; 
break; 

case 5: 
// all 5 bits is mid 5 bits 
working |= (val 8 Ox1F) << 2; 
which = 6; 
break; 

case 6 
// top 2 bits is lowest 2 bits 
working |- (val & 0x18) >> 3; 


result[resultIndex++] = (byte) working; 
// lower 3 bits of byte 6 is top 3 bits 


working = (val & 0x07) << 5; 
which - 7; 
break; 

case 7 : 
// all 5 bits is lower 5 bits 
working |= (val 8 Ox1F); 


result[resultIndex++] = (byte) working; 


which = ®; 
break; 


j 


) 
if (which !- 0) 5 
result[resultIndex++] = (byte) working; 


if (resultIndex != result.length) { 


result = Arrays.copyOf(result, resultIndex); 


) 


return result; 


OTPGenerator.Java 
package com.collins.two fa app; 


public class OTPGenerator 4 
private String secret key; 


public OTPGenerator(){} 


public String OTPGen(String 5) 4 //constructor. 
QROTPModel and UNIX time. 


String totp - null; 

try í 
НМАС5НА1 hmacObj = new НМАС5НА1(); 
totp - hmacObj.generateTOTP(s); 

}catch (final Exception е)( 
System.out.println("Error : " + e); 


return totp; 
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class requires secret 


from 


ScheduleOTPGeneration.Java 
package com.collins.two fa app; 


import android.app.job.JobParameters; 
import android.app.job.JobService; 
import android.os.CountDownTimer; 
import android.os.PersistableBundle; 
import android.util.Log; 


import java.util.HashMap; 


public class ScheduleOTPGeneration extends JobService 4 


ZZ 


private static final String TAG = "ScheduleOTPGen"; 
private boolean jobcancelled = false; 


@Override 

public boolean onStartJob(JobParameters params) { 
backgroundWork (params ) ; 
PersistableBundle bundle - params.getExtras(); 


GlobalVar gv - new GlobalVar(); 


HashMap<String, String» combinations = new HashMap<String, String>(); 
combinations.put(GlobalVar.getIssuer(), GlobalVar.getSecret()); 
gv.setCombo(combinations); 

OTPGenerator оїр1 = new OTPGenerator(); 

String totp = otp1.0TPGen(gv.getCombo().get("GitHub")); 

gv.setCurrent otp(totp); 

Log.d(TAG + " combo", gv.getCombo().toString()); 

Log.d(TAG * " totp", gv.getCurrent otp()); 
MainActivity.totpTxt.setText(gv.getCurrent otp()); 
MainActivity.issuerTxt.setText(gv.getCombo( ).keySet().toArray() 


[0]. toString()); 


new CountDownTimer(30000, 1000) 4 
public void onTick(long millisUntilFinished) 4 
float count - (millisUntilFinished / 1000)*100; 
int countdown = Math.round(count/30); 
MainActivity.progressbar.setProgress(countdown); 


j 


public void onFinish() ( 
} 
}.start(); 


try { 
Thread.sleep(1000); 

} catch (InterruptedException e) { 
e.printStackTrace(); 

} 


Log.d(TAG, "Job finished"); 
jobFinished(params, false); 


return true; 


j 


private void backgroundwork(final JobParameters params) 4 
new Thread(new Runnable() 4 
//code to run when app starts the thread 
@Override 
public void run() { 


j 
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}).start(); 


//when job is cancelled without completion 

@Override 

public boolean onStopJob(JobParameters params) { 
Log.d(TAG, "cancelled before completion"); 
jobcancelled - true; 
return false; 


RESOURCE LAYOUT FILES 


activity main.xml 
<?xml version="1.0" encoding="utf-8"?> 
«androidx.constraintlayout.widget.ConstraintLayout 
xmlns:android="http://schemas.android.com/apk/res/android" 
xmlns:appz"http://schemas.android.com/apk/res-auto" 
xmlns:tools="http://schemas.android.com/tools" 
android:id="@+id/coordinatorLayout" 
android: layout_width="match_parent" 
android: layout_height="match_parent" 
tools: context=".MainActivity"> 


«com.google.android.material.appbar.AppBarLayout 
android:id="@+id/appBarLayout" 
android: layout_width="wrap_content" 
android: layout_height="wrap_content" 
android: background="#13A7E1i" 
android: theme="@style/AppTheme.AppBarOverlay" 
app: Layout_constraintEnd_toEndOf="parent" 
app: Layout_constraintStart_toStartOf="parent" 
app: Layout_constraintTop_toTopOf="parent"> 


<androidx.appcompat .widget . Toolbar 
android: id="@+id/toolbar" 
android: layout_width="423dp" 
android: layout_height="match_parent" 
android: background="@color/colorPrimary" 
арр: popupTheme="@style/AppTheme.PopupOverlay" /> 


</com. google. android.material.appbar .AppBarLayout> 


<TextView 
android: id="@+id/app_name_text" 
android: layout_width="wrap_content" 
android: layout_height="wrap_content" 
android: fontFamily="@font/abel" 
android: text="@string/app_name" 
android: textColor="#FFFFFF" 
android: textSize="36sp" 
android: typeface="normal" 
app: layout_anchor="@+id/appBarLayout" 
app: layout_anchorGravity="top|center" 
app:layout constraintBottom toBottomOf-"Q-*id/appBarLayout" 
app: Layout_constraintEnd_toEndOf="@+id/appBarLayout" 
app: Layout_constraintStart_toStartOf="@+id/appBarLayout" 
app: Layout_constraintTop_toTopOf="parent" /> 


<TextView 
android: id="@+id/header_main" 
android: layout_width="wrap_content" 
android: layout_height="wrap_content" 
android: fontFamily="@font/abel" 
android: text="@string/header_main" 
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android: textColor="#000000" 

android: textSize="24sp" 

app:layout constraintBottom toBottomOf-"parent" 

app: Layout_constraintEnd_toEndOf="parent" 

app: layout_constraintHorizontal_bias="0.061" 

app: layout_constraintLeft_toLeftOf="parent" 

app: layout_constraintRight_toRightOf="parent" 

app: Llayout_constraintStart_toStartOf="parent" 

app: Llayout_constraintTop_toBottom0Of="@+id/appBarLayout" 
app: layout_constraintVertical_bias="0.025" /> 


<TextView 
android: id="@+id/current_otpTxt" 
android: layout_width="wrap_content" 
android: layout_height="wrap_content" 
android: fontFamily="@font/abel" 
android: text="012345" 
android: textSize="50sp" 
app:layout constraintBottom toBottomOf-"parent" 
app: Layout_constraintEnd_toEndOf="parent" 
app: layout_constraintHorizontal_bias="0.061" 
app: Layout_constraintLeft_toLeftOf="parent" 
app: layout_constraintRight_toRightOf="parent" 
app: Layout_constraintStart_toStartOf="parent" 
app: Layout_constraintTop_toBottom0f="@+id/header_main" 
app: layout_constraintVertical_bias="0.019" /> 


<TextView 
android: id="@+tid/issuerTxt" 
android:layout widthz"wrap content" 
android:layout heightz"wrap content" 
android: fontFamily="@font/abel" 
android:text="Issuer" 
android:textSize="20sp" 
app:layout constraintBottom toBottomOf-"parent" 
app:layout constraintEnd toEndOf-"parent" 
app: layout_constraintHorizontal_bias="0.043" 
app: layout_constraintLeft_toLeftOf="parent" 
app: Layout_constraintRight_toRightOf="parent" 
app: layout_constraintStart_toStartOf="parent" 
app:layout constraintTop toBottomOf-z"Q-*-id/current otpTxt" 
app: layout_constraintVertical_bias="0.0" /> 


<Button 
android: id="@+id/add_service" 
style="?android:attr/borderlessButtonStyle" 
android: layout_width="wrap_content" 
android: layout_height="wrap_content" 
android: background="@drawable/rounded_btn" 
android: fontFamily="@font/abel" 
android: longClickable="false" 
android: onClick="addService" 
android: shadowColor="#807D7D" 
android: text="@string/add_service" 
android: textColor="#000000" 
android: textSize="23sp" 
app: layout_anchorGravity="bottom|right" 
app:layout constraintBottom toBottomOf-"parent" 
app:layout constraintEnd toEndOf-z"parent" 
app: layout_constraintHorizontal_bias="0.913" 
app: Llayout_constraintLeft_toLeftOf="parent" 
app: layout_constraintRight_toRightOf="parent" 
app: Layout_constraintStart_toStartOf="parent" 
app: Layout_constraintTop_toBottom0f="@+id/current_otpTxt" 
app: layout_constraintVertical_bias="0.927" /> 


<Button 
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android:id="@+id/scheduleJob" 

android: layout_width="wrap_content" 

android: layout_height="wrap_content" 

android: layout_marginTop="96dp" 

android: onClick="scheduleJob" 

android: text="Schedule" 

app: Layout_constraintEnd_toEndOf="parent" 

app:layout constraintStart toStartOf-"parent" 
app:layout constraintTop toBottomOf-"Q-*id/issuerTxt" /» 


«Button 
android:id="@+id/cancelJob" 
android: layout_width="wrap_content" 
android: layout_height="wrap_content" 
android: onClick="cancelJob" 
android: text="CANCEL" 
app: Layout_constraintEnd_toEndOf="parent" 
app: Llayout_constraintStart_toStartOf="parent" 
app: Layout_constraintTop_toBottom0f="@+id/scheduleJob" /> 


<ProgressBar 
android: id="@+id/progress_circular" 
android: layout_width="50dp" 
android: layout_height="50dp" 
android: layout_marginTop="76dp" 
android: indeterminateOnly="false" 
android: progressDrawable="@drawable/circular_progress_bar" 
app: Layout_constraintBottom_toTopOf="@+id/scheduleJob" 
app: Layout_constraintEnd_toEndOf="parent" 
app: layout_constraintHorizontal_bias="1.0" 
app: Layout_constraintStart_toEndOf="@+id/current_otpTxt" 
app: Layout_constraintTop_toBottom0Of="@+id/appBarLayout" 
app: layout_constraintVertical_bias="0.0" 
tools: progress="60" /> 


</androidx.constraintlayout .widget .ConstraintLayout> 


qr_scanner.xml 

<?xml version="1.0" encoding="utf -8"?> 

<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android" 
android:orientation="vertical" android: layout_width="match_parent" 
android: layout_height="match_parent"> 


«те. dm7 . barcodescanner . zxing. ZXingScannerView 
android:id ="@+id/zxscan" 
android: layout_above="@+id/layout_result" 
android: layout_width="match_parent" 
android: layout_height="match_parent" 
/> 


<LinearLayout 
android: id="@+id/layout_result" 
android: layout_alignParentBottom="true" 
android: orientation="vertical" 
android: padding="10dp" 
android: background="@color/colorPrimaryDark" 
android: layout_width="match_parent" 
android: layout_height="wrap_content"> 


<TextView 
android: id="@+tid/secret_txt" 
android: layout_width="match_parent" 
android: layout_height="wrap_content" 
android: fontFamily="@font/abel" 
android: gravity="center" 
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android:text="@string/result_txt" 
android:textSize="24sp" /> 


</LinearLayout> 


</RelativeLayout> 


GRADLE SCRIPT 
build.gradle (Module) 


apply plugin: 'com.android.application' 


android 4 

compileSdkVersion 29 

buildToolsVersion "29.0.2" 

defaultConfig 4 
applicationId "com.collins.two fa app" 
minSdkVersion 21 
targetSdkVersion 29 
versionCode 1 
versionName "1.0" 
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner" 


) 
buildTypes ( 
release ( 
minifyEnabled false 
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 
'proguard-rules.pro' 


) 
) 


dependencies 4 
implementation fileTree(dir: 'libs', include: ['*.jar']) 
implementation 'androidx.appcompat:appcompat:1.2.0' 
implementation 'androidx.constraintlayout:constraintlayout:2.0.1' 
implementation 'com.google.android.material:material:1.2.1' 
implementation 'me.dm7.barcodescanner:zxing:1.9.13' 
implementation 'com.karumi:dexter:6.2.1' 

// implementation 'dev.samstevens.totp:totp:1.7' 


testImplementation 'junit:junit:4.12' //line bringing gradle error at [31,9] 
Message: expected start or end tag 

androidTestImplementation 'androidx.test.ext:junit:1.1.2' 

androidTestImplementation 'androidx.test.espresso:espresso-core:3.3.0' 
//usually for UI testing 

androidTestImplementation 'androidx.test:runner:1.2.0' 

androidTestImplementation 'com.android.support.test:rules:1.0.2' 

testImplementation "com.google.truth:truth:1.0.1" //truth library makes the 
assertions more readable 

//testImplementation- for test source set/folder/module. Test run on the JVM- 
execute faster since emulator isn't started. 


androidTestImplementation "com.google.truth:truth:1.0.1" 

//androidTestImplemntation- for androidTest source set/folder/module- for the 
instrumented unit tests, 

// for tests that rely on Android compnents eg-context. Test runs on the 
emulator. 


} 
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APPENDIX B 


HARDWARE SECURITY KEY SOURCE CODE 


Teensy U2F.cpp 
// Do not remove the include below 
#include "Teensy U2F.h" 


#ifndef USE MBDEDTLS ECC 
int MyRNG Function(uint8 t *dest, unsigned size) ( 


0; і < size; i++) í 


for (unsigned i - 
= Entropy.random(OxFF); 


dest[i] 


) 

#ifdef DEBUG 
Serial.printf("MyRNG Function with size:%dNn", size); 
for (unsigned int i = 0; i < size; i++) 
| Serial.printf("%02x", dest[il); 
Serial.printf("Nn"); 

#endif 
return 1; 


I 
#endif 


void printHex(uint8 t *buf, int size) { 
for (int i = 0; і < size; i++) í 
Serial.printf("%02x", buf[i]); 
} 


) 


// This device will not support multiple channels concurrently. 

byte message[8000]; // maximum message size is 7609 - this is both for 
input and output of message 

int expectedMessageSize - 0; // expected message size - used only during 
input 

int messageSize - 0; // current message size, if current « expected that 
means we are waiting for more packets 

int messageOffset = 0; // current offset of message - used only during 
output 


byte cmd; // current command 

uint32 t cid; // current channel id 

byte state = STATE CHANNEL AVAILABLE; // current channel state; 
byte pack seq = 0; // expected packet sequence number 


#define IS CONTINUATION PACKET(x) ( (x) < 0x80) 


//String together the incoming 64 byte packets into messages 
void processHIDInput() 4 

int n = 0; 

// U2F protocol sends a 64 bit packet and RawHID.recv returns 64bytes 
to establish connection 

byte recv_buffer[64]; 

n = RawHID.recv(recv buffer, 0); // 0 timeout = do not wait 

if (n == 0) í 

return; 
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uint32 t msg cid - (recv buffer[0] «« 24) | (recv buffer[1] «« 16) 
| (recv buffer[2] «« 8) | recv buffer[3]; 

int len = (recv buffer[5]) << 8 | recv buffer[6]; 

byte cmd or cont - recv buffer[4]; //cmd or continuation 


#ifdef DEBUG 
Serial.printf("\nGot RAW HID cid=%x, cmd= 
(cmd or cont > 0x80 ? len : 0 


%x\n", msg cid, cmd or cont, 
)); 


#endif 


// Is the channel free, then we expect start of new command 
if (state == STATE CHANNEL AVAILABLE) í 
// Did we get an unexpected continuation packet - something is 
wrong 
if (IS CONTINUATION PACKET(cmd ог cont)) í 
#ifdef DEBUG 
Serial.printf( 
"WARNING: Got continuation packet when 
expecting starting packet. Ignoring packet\n"); 
#endif 
// Ignore this. The spec says "Spurious continuation 
packets appearing without a prior initialisation packet will be ignored" 
return; 
) 


// This is start of a new message 
// save the a) ChannelID - cid, b) Command - cmd, c) message 


size 
cid - msg cid; 
cmd - cmd or cont; 
expectedMessageSize - (recv buffer[5]) «« 8 | recv buffer[6]; 
pack seq - 60; 
if (expectedMessageSize «- MAX INITIAL PACKET) ( // if the 
entire message is «- 57 (MAX INITIAL PACKET) bytes, it will fit in the 
first buffer 
memcpy(message, recv buffer + 7, expectedMessageSize); 
messageSize - expectedMessageSize; 


#ifdef DEBUG | 
Serial.printf("Got full message in first packet size- 


%d\n", 
messageSize); 

#endif 

// Entire message has been received, go ahead and process 
it 

processMessage(); 

state = STATE CHANNEL AVAILABLE; 

) else í // message size needs continuation packets, save this 

buffer and 


memcpy(message, recv buffer + 7, MAX INITIAL PACKET); 

messageSize - MAX INITIAL PACKET; 

state - STATE CHANNEL WAIT CONT; 
#ifdef DEBUG 

Serial.printf("Got partial message in first packet size- 
%d\n", 

messageSize); 
#endif 
} 


// If the current channel is waiting for а packet 
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else if (state == STATE CHANNEL WAIT CONT) í 
if (msg cid != cid) 4 // message is for a different channel , 
ERROR we only support one channel 
#ifdef DEBUG 
Serial.printf( 
"Got message for different channel, we 
support only 1 channel. Expected cid=%, Message cid=%x\n", 
cid, msg cid); 
#endif 
doHIDErrorOutput(ERR OTHER); 
return; 
) else if (pack seq != cmd or cont) í // expected packet 
sequence number did not match - ERROR 
#ifdef DEBUG 
Serial.printf( 
"Got wrong sequence number. Expected 664550, 
Message seq=%dNn", 
pack seq, cmd or cont); 


#endif 
doHIDErrorOutput (ERR_INVALID 5Е0); 
return; 
} 
// Did we get the last packet 
int remaining = expectedMessageSize - messageSize; 
if (remaining <= MAX_CONTINUATION PACKET) { 
memcpy(message + messageSize, recv_buffer + 5, 
remaining); 


messageSize += remaining; 


#ifdef DEBUG 

Serial.printf("Got final message in packet:%d \n", 
pack seq); 
#endif 

// Entire message has been received, go ahead and process 
it 

processMessage(); 

state = STATE_CHANNEL AVAILABLE; 

} else { 

// We didn't get the last packet yet, read this packet 
and go back to waiting 

memcpy (message + messageSize, гесу buffer + 5, 

MAX_CONTINUATION PACKET); 

messageSize += МАХ CONTINUATION PACKET; 

pack seq++; 

state = STATE CHANNEL WAIT CONT; 
#ifdef DEBUG 

Serial.printf ( 

"Got partial message in packet:%d remaining 
size=%d\n", 
(pack seq - 1), (expectedMessageSize - 
messageSize)); 
#endif 
) 


) 
) 


void doHIDErrorOutput(uint8 t err) 4 
byte resp buffer[64]; 
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// output first block 

resp buffer[0] (cid »» 24) & Oxff; 
resp buffer[1] (cid >> 16) & Oxff; 
resp buffer[2] (cid >> 8) & Oxff; 
resp buffer[3] cid & Oxff; 


resp buffer[4] U2FHID ERROR; 


resp buffer[5] - 0; 
resp buffer[6] = 1; 
resp buffer[7] = err; 


RawHID.send(resp buffer, 100); 
) 


void doHIDOutput() 4 
#ifdef DEBUG 
Serial.printf("Responding with cid=%x cmd=%x, messageSize=%d\n", cid, 
cmd, 
messageSize); 
#endif 
byte resp buffer[64]; 


// output first block 

resp buffer[0] (cid »» 24) & Oxff; 
resp buffer[1] (cid >> 16) & Oxff; 
resp buffer[2] (cid >> 8) & Oxff; 
resp buffer[3] cid & Oxff; 


cmd; 
messageSize »» 8; 
messageSize & Oxff; 


resp buffer[4] 
resp buffer[5] 
resp buffer[6] 


int n - messageSize » MAX INITIAL PACKET ? MAX INITIAL PACKET : 
messageSize; 

memcpy(resp buffer + 7, message, n); 

int offset - n; 
#ifdef DEBUG 

for (и10116 t i = 0; i < 7 + п; i++) 

Serial.printf("%02x", resp buffer[i]); 

Serial.printf("\n"); 
#endif 

RawHID.send(resp buffer, 100); 


uint8 t seq - 0; 
while (offset « messageSize) 4 
delay(1); // Give a gap between each packet 
resp buffer[4] = seq; 
n = (messageSize - offset) > MAX CONTINUATION PACKET ? 
MAX CONTINUATION PACKET : (messageSize - offset); 
memcpy(resp buffer + 5, message + offset, n); 
#ifdef DEBUG 
Serial.printf( 
"Responding continuation packet cid=%x cmd=%d ѕед= 
зд offset=%d\n", 
сід, ста, 5ед, offset); 
for (и10116 t i = 0; i «5 + п; i++) 
Serial.printf("%02x", resp buffer[i]); 
Serial.printf("\n"); 
#endif 
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RawHID.send(resp buffer, 100); 
seq++; 
offset += n; 


) 


void u2f errorResponse(uintl6 t err) ( 
cmd - U2FHID MSG; 
messageSize - 2; 


message[0] - err »» 8; 
message[1] - err & Oxff; 
doHIDOutput(); 


) 


void processMessage() 4 
if (cmd == U2FHID INIT) í 
#ifdef DEBUG 
Serial.printf("Got U2FHID INIT cid=%d\n", cid); 
#endif 
uint32 t newCid = cid; 
if (cid == CID BROADCAST) í 
newCid - Entropy.random() & Oxff; // Since we support 
only one channel - just use 1 for the channel id 
#ifdef DEBUG 
Serial.printf("Allocating a random cid=%x\n", newCid); 
#endif 


// message[0..8] is a 8 byte nonce in the input message which 
will be passes as is to the output 

// message[8..12] is a 4 byte Channel Identifier, pass it 
unchanged, unless it is broadcast request 


message[8] = (newCid >> 24) & Oxff; 
message[9] = (newCid >> 16) & Oxff; 
message[10] = (newCid >> 8) & Oxff; 
message[11] = newCid & Oxff; 
message[12] = U2FHID IF VERSION; 
message[13] = 1; //major 
message[14] = 0; //minor 
message[15] = 1; //build 
message[16] - CAPFLAG WINK; // supports the wing capability 
messageSize - 17; 

doHIDOutput(); 


) else if (cmd -- U2FHID PING) 4 
#ifdef DEBUG 
Serial.printf("Got U2FHID PING cid=%x\n", cid); 
#endif 
doHIDOutput(); // output everything unchanged 
) else if (cmd == U2FHID WINK) í 
#ifdef DEBUG 
Serial.printf("Got U2FHID WINK cid=%xNn", cid); 
#endif 
// blink lights 
doHIDOutput(); // output everything unchanged 
y else if (cmd == U2FHID MSG) í 
byte CLA = message[0]; 
byte INS message[1]; 
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byte P1 = message[2]; 

byte P2 « message[3]; 

uint32 t reqlength - (message[4] «« 16) | (message[5] «« 8) 
| message[6]; 


#ifdef DEBUG 
Serial.printf( 
"Got U2FHID MSG с14-5х, CLA=%d, INS=%x, Pl=%d, P2= 
54, reqLength=%dNn", 
cid, CLA, INS, P1, P2, reqlength); 
#endif 
if (INS == U2F REGISTER) { 
u2f register(message + 7, reglength); 
) else if (INS -- U2F AUTHENTICATE) 4 
u2f authenticate(P1, message + 7, reqlength); 
) else if (INS -- U2F VERSION) 4 
u2f version(message + 7, reqlength); 
) else ( 
#ifdef DEBUG 
Serial.printf("Got wrong unknown INS:%d cid=%x\n", INS, 
cid); 
#endif 
u2f errorResponse(SW INS NOT SUPPORTED); 
) 


) else ( 
#ifdef DEBUG 
Serial.printf("Got wrong unknown command:%d cid=%x\n", cmd, 
cid); 
#endif 
doHIDErrorOutput(ERR INVALID CMD); 


) 


// А self issued attestation certificate generated using OpenSSL commands 
above 
// Subject: C=US, CN-Teensy 38510000 72330018 001D5019 31604E45 
byte attestCert[] = { 0x30, 0x82, 0x01, Oxcc, 0x30, 0x82, 0x01, 0x71, бхабф, 

0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x92, Ox5d, Oxdf, 
0хр7, 0x83, 

Ox7f, 0x84, 0x62, 0x30, 0x0a, 0x06, 0x08, Ox2a, 0x86, 0x48, 
Охсе, 0x3d, 

0x04, 0x03, 0x02, 0x30, 0x42, 0x31, OxOb, 0x30, 0x09, 0x06, 
0x03, 0x55, 

0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0х31, 0x33, 0x30, 0x31, 
0x06, 0x03, 

0x55, 0x04, 0x03, OxOc, Ox2a, 0x54, 0x65, 0x65, бхбе, 0x73, 
0x79, 0x20, 

0x33, 0x38, 0x35, 0x31, 0x30, 0x30, 0x30, 0x30, 0x20, 0x37, 
0x32, 0x33, 

0x33, 0x30, 0x30, 0x31, 0x42, 0x20, 0x30, 0x30, 0x31, 0x44, 
0x35, 0x30, 

0x31, 0x39, 0x20, 0x33, 0x31, 0x36, 0x30, 0x34, 0x45, 0x34, 
0x35, 0x30, 

0х1е, 0x17, 0х04, 0x31, 0x35, 0x31, 0x32, 0x30, 0x33, 0x30, 
0x38, 0x31, 

0x33, 0x30, 0x38, 0x5a, 0x17, OxOd, 0x32, 0x35, 0x31, 0x31, 
0x33, 0x30, 
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0x30, 0x38, 0x31, 0x33, 0x30, 0x38, 0x5a, 0x30, 0x42, 0x31, 
OxOb, 0x30, 

0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 
0x31, 0x33, 

0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x03, 0х0с, Ox2a, 0x54, 
0x65, 0x65, 

0хбе, 0x73, 0x79, 0x20, 0x33, 0x38, 0x35, 0x31, 0x30, 0x30, 
0x30, 0x30, 

0x20, 0x37, 0x32, 0x33, 0x33, 0x30, 0x30, 0x31, 0x42, 0x20, 
0x30, 0x30, 

0x31, 0x44, 0x35, 0x30, 0x31, 0x39, 0x20, 0x33, 0x31, 0x36, 
0x30, 0x34, 

0x45, 0x34, 0x35, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0х2а, 
0x86, 0x48, 

Oxce, Ox3d, 0x02, 0x01, 0x06, 0x08, Охда, 0x86, 0x48, Oxce, 
0х34, 0x03, 

0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0хіс, Oxbd, 0x93, Oxb6, 
0x38, 0x9c, 

0x01, 0x88, Oxba, 0x31, 0x49, 0x44, OxOe, 0x08, 0x88, Oxad, 
0x7b, Охба, 

0x36, 0xa3, 0x65, Oxlb, 0x7a, 0x16, Oxfd, 0x77, Oxb7, Oxdf, 
0x90, 0x91, 

0х04, OxbO, Oxcf, Ox3a, 0х54, 0x41, Oxa5, 0x94, Ox3d, Ox3b, 
0x85, Oxa4, 

0xc6, 0x65, 0xa0, Ox1f, 0x48, Oxf7, 0хба, 0x21, Oxc4, Oxfb, 
0x95, 0x73, 

Oxf3, 0xd8, 0x75, Oxle, Oxf4, Oxfc, Oxc5, Oxf6, Oxa3, Oxf2, 
0xa3, 0x50, 

0x30, Ox4e, 0x30, 0х14, 0x06, 0x03, 0x55, 0х14, Өхде, 0x04, 
0x16, 0x04, 

0x14, 0x50, Ox9f, 0x42, 0x44, 0x21, 0x66, 0x3a, Oxca, Oxd4, 
Oxcl, 0х8с, 

0x31, Oxdl, 0x7a, 0х7с, 0x35, Oxe8, Oxda, 0x17, 0хр0, 0x30, 
Ox1lf, 0x06, 

0x03, 0x55, 0х14, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 
0x50, Ox9f, 

0x42, 0x44, 0x21, 0x66, ОхЗа, Oxca, Oxd4, Oxcl, 0х8с, 0x31, 
0х41, 0x7a, 

0x7c, 0x35, Oxe8, Oxda, 0x17, Oxb0, 0x30, OxOc, 0x06, 0x03, 
0x55, 0х14, 

0x13, 0x04, 0x05, 0x30, 0x03, 0х01, 0х01, Oxff, 0x30, бхба, 
0x06, 0x08, 

0х2а, 0x86, 0x48, Oxce, Ox3d, 0x04, 0x03, 0x02, 0x03, 0x49, 
0x00, 0x30, 

0x46, 0x02, 0x21, 0x00, Oxad, 0x27, Ox7f, 0x55, 0x73, Oxc2, 
0хс3, 0x30, 

0x90, Oxb9, 0х19, 0x46, 0x05, 0x58, Oxb6, Oxcc, 0x03, 0x87, 
0x13, 0x44, 

0x68, 0x7c, 0x6e, 0x83, 0x9e, Ox2d, 0x42, Oxd3, Oxc9, 0x42, 
0x41, 0x93, 

0x02, 0x21, 0x00, Oxc5, Oxda, 0x60, Oxea, Oxf2, 0x86, Oxad, 
0хр6, 0х9а, 

0xa6, Oxca, 0x18, 0x0e, Oxe2, Oxef, 0x04, Oxd6, Oxfd, Oxbb, 
0ха8, Ox8f, 

0хда, Ox7f, Oxfc, Ox9a, 0x47, 0x66, Oxe6, 0x77, Oxed, 0x97, 
0x56 Y; 


byte attestPrivKey[] = { Oxae, 0x93, 0xa6, 0x20, Oxeb, 0x92, 0x03, 0x69, 
0x83, 
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0x07, 0x92, Oxf3, 0x18, Ox2e, 0x84, 0x87, Oxle, Oxbc, 0x32, 
0x72, 0x85, 

0хда, 0xa5, 0x3a, Ox6c, Oxde, 0x29, 0x68, Oxca, Oxbb, 0x36, 
0x35 


У; 


byte attestPubKey[] = 4 0x04, Өхіс, Oxbd, 0x93, Oxb6, 0x38, Ox9c, 0x01, 
0x88, 

Oxba, 0x31, 0x49, 0x44, Ox0e, 0x08, 0x88, Oxad, Ox7b, Охба, 
0x36, 0xa3, 

0x65, Ox1b, 0x7a, 0x16, Oxfd, 0x77, Oxb7, Oxdf, 0x90, 0x91, 
0х04, 0хр0, 

Oxcf, 0x3a, 0х54, 0x41, 0xa5, 0x94, Ox3d, Ox3b, 0x85, Oxa4, 
Oxc6, 0x65, 

0xa0, Ox1f, 0x48, Oxf7, Охба, 0x21, Oxc4, Oxfb, 0x95, 0x73, 
Oxf3, Oxd8, 

0x75, Oxle, Oxf4, Oxfc, Oxc5, Oxf6, Oxa3, Oxf2 }; 


#define EEPROM KEYOFFSET 4 
#define EEPROM ENTRYSIZE 68 
#define EEPROM ENTRY APPOFFSET 0 
#define EEPROM ENTRY KEYOFFSET 32 
#define EEPROM ENTRY COUNTEROFFSET 64 
#define EERPOM MAXKEYS 10 


/* 
microECC library does not produce signature in ASN.1 encoding. 
So we need to convert to an ASN.1 sequence 


ECDSASignature ::= SEQUENCE (r INTEGER, s INTEGER} 


- 
unsigned int appendSignatureAsDER(uint8 t message[], int &offs, 
uint8 t signature[64]) ( 
int oldOffs - offs; 
message[offs++] = 0x30; // Start of ASN.1 SEQUENCE 
uint8 t *len = message + offs; 
messageloffs++] = 68; //total length (32 + 32 + 2 + 2) 


// Loop twice - for R and S 
for (unsigned int i = 0; i < 2; i++) í 
unsigned int sigOffs - і * 32; 
messageloffs++] = 0x02; //header: integer 
message[offs++] = 32; //32 byte 
if (signature[sigOffs] > 0x7f) 4 // Integer needs to be 
represented in 2's completement notion 
message[offs - 1144, 
messageloffs++] = 0; // add leading 0, to indicate it is 
a positive number 


) 
memcpy(message + offs, signature + sigOffs, 32); //R value 
offs += 32; 


(*len)++; 


) 
return offs - oldOffs; 
} 


// 55 32 46 5f 56 32 90 00 
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void u2f version(byte data[], uint32 t dataLen) ( 
if (dataLen !- 0) í 
#ifdef DEBUG 
Serial.printf("Expecting 0 byte U2F VERSION message, got: 


%d\n", 
dataLen); 
#endif 
u2f errorResponse(SW WRONG LENGTH); 
return; 
) 
#ifdef DEBUG 


Serial.printf("Got U2F VERSION message, returning U2F V2\n"); 
#endif 

int offs = 0; 

// Returns version string as "U2F V2" 

// Return SW NO ERROR as status 

memcpy(message, "U2F V2", 6); 


offs = 6; 
message[offs++] = SW NO ERROR >> 8; 
messageloffs++] = SW NO ERROR & Oxff; 


messageSize - offs; 
doHIDOutput(); // output the response 


) 
void u2f register(byte data[], uint32 t dataLen) 4 


// TODO check that dataLen is actually 64 
if (dataLen != 64) í 
#ifdef DEBUG 
Serial.printf("Expecting 64 byte U2F REGISTER message, got: 
85d Nn", 
dataLen); 
#endif 
u2f _errorResponse (SW WRONG LENGTH); 
return; 


) 


// Check how many keys ме are already storing 
uint8 t numKeys = EEPROM.read(0); // 0's index has number of keys 
if (numKeys » 5) // Temporary code so that EEPROM doesn't get full 
numKeys - 0; 
if (numKeys »- EERPOM MAXKEYS) 4 
#ifdef DEBUG 
Serial.printf("EEPROM already has too many keys : %dNn", 
numKeys) ; 
#endif 
// no more space to register more keys 
u2f_errorResponse (SW CONDITIONS NOT SATISFIED); 
return; 


uint8 t keyHandle = numKeys++; 
// Copy the application param and challenge param out of the request 
data 


byte applicationParam[32]; 
byte challengeParam[32]; 
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memcpy(challengeParam, data, 32); 
memcpy(applicationParam, data - 32, 32); 


// Generate a key pair 
uint8 t pub[65]; 
uint8 t priv[32]; 
pub[0] - 0x04; 


uECC make key(pub + 1, priv, uECC secp256r1()); 


#ifdef DEBUG 

Serial.printf("Generated key:\n"); 

Serial.printf(" Private:"); 

Тог (uintl6 t i = 0; i < sizeof(priv); i++) 
Serial.printf("%02x", priv[i]); 

Serial.printf("\n Public:"); 

for (uintl6 t i = 0; і < sizeof(pub); i++) 
Serial.printf("%02x", pub[i]); 

Serial.printf("\n App:"); 

Тог (uintl6 t i = 0; і < sizeof(applicationParam); i++) 
Serial.printf("%02x", applicationParam[i]); 

Serial.printf("\n Challenge:"); 

for (uintl6 t i = 0; і < sizeof(challengeParam); i++) 
Serial.printf("%02x", challengeParam[il); 

Serial.printf("\n AttestCert:"); 

for (uintl6 t i = 0; і < sizeof(attestCert); i++) 
Serial.printf("%02x", attestCert[i]); 

Serial.printf("\n"); 

Serial.printf(" KeyHandle:%d\n", keyHandle); 

#endif 
// Create the response message 
int offs = 0; 


// 1st byte is reserver byte 0x05 
messageloffs++] = 0x05; 


// Next 65 bytes are public key 
memcpy(message + offs, pub, sizeof(pub)); 
offs += sizeof(pub); 


// Next is key handle length, which in our case is 1 
message[offs++] = 1; 


// Next is the key handle itself, for us it is index in eprom 
message[offs++] = keyHandle; 


// Next is attestation certificate 
memcpy(message + offs, attestCert, sizeof(attestCert)); 
offs += sizeof(attestCert); 


// For the signature we need to calculate the SHA256 digest first 
byte digest[32]; 
( 
#ifdef DEBUG 
Serial.printf("Calculating digest\n"); 
#endif 
mbedtls sha256 context shaContext; 


mbedtls sha256 init(&shaContext); 
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mbedtls sha256 starts(&shaContext, 0); // 0-5НА256, 1-SHA224 
byte bt; 


// first byte is reserved byte of 0 
bt = 9; 
mbedtls sha256 update(&shaContext, (unsigned char*) &bt, 1); 


// Next 32 bytes is application param 
mbedtls sha256 update(&shaContext, (unsigned char*) 
applicationParam, sizeof(applicationParam)); 


// Next 32 bytes is challenge param 
mbedtls sha256 update(&shaContext, (unsigned char*) 
challengeParam, sizeof(challengeParam)); 


// Next is keyHandle whose size is keyHandle length 
bt = keyHandle; 
mbedtls sha256 update(&shaContext, (unsigned char*) &bt, 1); 


// Next 65 bytes is public key 
mbedtls sha256 update(&shaContext, (unsigned char*) pub, 
sizeof(pub)); 


// finally calculate the digest 
mbedtls sha256 finish(&shaContext, (unsigned char*) digest); 
mbedtls sha256 free(&shaContext); 


#ifdef DEBUG 
Serial.printf("Digest:"); 
for (unsigned int i = 0; i < sizeof(digest); i++) 
Serial.printf("%02x", digest[il); 
Serial.printf("\n"); 
#endif 
} 


// now calculate the ECsignature 
byte signature[64]; 


uECC sign(attestPrivKey, digest, sizeof(digest), signature, 
uECC secp256r1()); 


unsigned int siglen - appendSignatureAsDER(message, offs, signature); 
#ifdef DEBUG 
Serial.printf("Signature:"); 
for (unsigned int i = 0; i < sizeof(signature); i++) 
Serial.printf("%02x", signature[i]); 
Serial.printf("\n"); 
Serial.printf("Signature DER:"); 
for (unsigned int і = 0; і < siglen; i++) 
Serial.printf("%02x", message[offs - siglen + il); 
Serial.printf("\n"); 
#endif 


// Set the status as no error 
messageloffs++] SW МО ERROR >> 8; 
message[offs++] SW NO ERROR & 0xff; 


messageSize - offs; 
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doHIDOutput(); // output the response 


// copy the key and applicationParam into EEPROM 
// Each entry in EEPROM is 64 bytes long - 32 bytes for 
applicationParam, and 32 for private Key 
// The keyHandle is entry number, it starts with 0 and goes on to 9. 
EEPROM.write(0, numKeys); 
for (int i = 0; і < 32; i++) í 
EEPROM.write(EEPROM KEYOFFSET + (keyHandle * EEPROM ENTRYSIZE) 
+ EEPROM ENTRY APPOFFSET + i, applicationParam[il); 
) 
for (int i = 0; і < 32; i++) í 
EEPROM.write(EEPROM KEYOFFSET + (keyHandle * EEPROM ENTRYSIZE) 
+ EEPROM ENTRY KEYOFFSET + i, privli]); 
} 
for (int i = 0; і < 4; i++) í 
EEPROM.write(EEPROM KEYOFFSET + (keyHandle * EEPROM ENTRYSIZE) 
+ EEPROM ENTRY COUNTEROFFSET + і, 0); 


} 
} 


void u2f authenticate(byte P1, byte data[], uint32 t dataLen) { 
// The data Len is expected to be 66 
if (dataLen !- 66) 4 
#ifdef DEBUG 
Serial.printf("Expecting 66 byte U2F AUTHENTICATE message, got: 
%d\n", 
dataLen); 
#endif 
u2f errorResponse(SW WRONG LENGTH); 
return; 
) 
// The key handle length is expected to be 1 
if (data[64] != 1) í 
#ifdef DEBUG 
Serial.printf("Invalid KeyHandle length: expecting:1 Got:%dNn", 
data[64]); 
#endif 
u2f errorResponse(SW WRONG DATA); 
return; 
) 
uint8 t keyHandle - data[65]; 
if (keyHandle « 9 || keyHandle »- EERPOM MAXKEYS) 4 
#ifdef DEBUG 
Serial.printf("Invalid KeyHandle за, Should be between 0 and 


%d\n", 
keyHandle, EERPOM MAXKEYS) ; 
#endif 
u2f errorResponse(SW WRONG DATA); 
return; 
) 
// Copy the application param and challenge param out ої the request 
data 


byte applicationParam[32]; 

byte challengeParam[32]; 
memcpy(challengeParam, data, 32); 
memcpy(applicationParam, data - 32, 32); 
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// Fetch applicationParam from EEPROM 
byte expectedApplicationParam[32]; 
for (int i = 0; і < 32; i++) í 
expectedApplicationParam[i] - EEPROM.read(EEPROM KEYOFFSET - 
(keyHandle * EEPROM ENTRYSIZE) + EEPROM ENTRY APPOFFSET + i); 


) 
// Check if applicationParam exists in EEPROM 
int matches - 1; 
for (int i = 0; і < 32; i++) í 
if (expectedApplicationParam[i] !- applicationParam[i]) 
matches - 0; 


) 


#ifdef DEBUG 

Serial.printf("U2F Authenticate : Р1=%02х keyHandle=%d matches=%d\n", 
Pl, keyHandle, matches); 
#endif 


if (Pl == 0x07) ( // Check-only 
if (!matches) { 
#ifdef DEBUG 
Serial.printf("Invalid KeyHandle %d\n", keyHandle); 
Serial.printf(" ApplicationParam:"); 
for (int i = 0; і < 32; i++) 
Serial.printf("%02x", applicationParam[i]); 
Serial.printf("\n Expected: ApplicationParam:"); 
for (int i = 0; і < 32; i++) 
Serial.printf("%02x", expectedApplicationParam[i]); 
Serial.printf("\n"); 


#endif 
u2f _errorResponse (SW WRONG DATA); 
return; 
} else { 
#ifdef DEBUG 
Serial.printf("Keyhandle matched: %d", keyHandle); 


#endif 
u2f errorResponse(SW CONDITIONS NOT SATISFIED); 
return; 
} else if (Pl == 0x03) í // enforce-user-presence-and-sign 
// continue below 
) else 4 


#ifdef DEBUG 
Serial.printf("Unknown Pl: %02x", Pl); 
#endif 
u2f errorResponse(SW WRONG DATA); 
return; 


) 


// copy priv key from EEPROM 
uint8 t priv[32]; 
for (int i = 0; і < 32; i++) í 
priv[i] = EEPROM.read(EEPROM KEYOFFSET + (keyHandle * 
EEPROM ENTRYSIZE) « EEPROM ENTRY KEYOFFSET - i); 
) 


// increment counter 
uint32 t counter; 
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EEPROM.get(EEPROM KEYOFFSET + (keyHandle * EEPROM ENTRYSIZE) + 


EEPROM ENTRY COUNTEROFFSET, counter); 
counter++; 


EEPROM.put(EEPROM KEYOFFSET + (keyHandle * EEPROM ENTRYSIZE) + 


EEPROM ENTRY COUNTEROFFSET, counter); 


#ifdef DEBUG 
Serial.printf("Setting counter to %d\n", counter); 
#endif 
// Create the response message 
int offs = 0; 
// 1st byte is user presence byte 1 
message[offs++] = 0x01; 


// Next 4 bytes is counter in big endian 


message[offs++] = (counter >> 24) & Oxff; 
message[offs++] = (counter >> 16) & Oxff; 
message[offs++] = (counter >> 8) & Oxff; 
message[offs++] = counter & Oxff; 


// Finally the signature 


// For the signature we need to calculate the SHA256 digest first 


byte digest[32]; 


1 
#ifdef DEBUG 
Serial.printf("Calculating digest\n"); 
#endif 
mbedtls sha256 context shaContext; 


mbedtls sha256 init (&shaContext); 


mbedtls sha256 starts(&shaContext, 0); // 0-5НА256, 


// First 32 bytes is application param 
mbedtls sha256 update(&shaContext, (unsigned 
applicationParam, 
32); 


byte bt; 


// Next byte is user presence, it should be 1 
bt = 1; 
mbedtls sha256 update(&shaContext, (unsigned 


// Next 4 bytes is counter in big endian 

bt = (counter >> 24) & Oxff; 

mbedtls sha256 update(&shaContext, (unsigned 
bt = (counter >> 16) & Oxff; 

mbedtls sha256 update(&shaContext, (unsigned 
bt = (counter >> 8) & Oxff; 

mbedtls sha256 update(&shaContext, (unsigned 
bt = counter & Oxff; 

mbedtls sha256 update(&shaContext, (unsigned 


// Next 32 bytes is challenge param 
mbedtls sha256 update(&shaContext, (unsigned 
challengeParam, 32); 


// finally calculate the digest 
mbedtls sha256 finish(&shaContext, (unsigned 
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char*) 


char*) 


char*) 
char*) 
char*) 


char*) 


char*) 


char*) 


1-5НА224 
&bt, 1); 
&bt, 1); 
&bt, 1); 
&bt, 1); 
&bt, 1); 
digest); 


mbedtls sha256 free(&shaContext); 
#ifdef DEBUG 

Serial.printf("Digest:"); 

for (int i = 0; і < 32; i++) 

Serial.printf("%02x", digest[i]); 

Serial.printf("\n"); 

#endif 
} 


// now calculate the ECsignature 
byte signature[64]; 


uECC sign(priv, digest, sizeof(digest), signature, uECC secp256r1()); 


unsigned int siglen - appendSignatureAsDER(message, offs, signature); 
#ifdef DEBUG 
Serial.printf("Signature:"); 
for (unsigned int i = 0; i < sizeof(signature); i++) 
Serial.printf("%02x", signature[i]); 
Serial.printf("\n"); 
Serial.printf("Signature DER:"); 
for (unsigned int і = 0; і < siglen; i++) 
Serial.printf("%02x", message[offs - siglen + il); 
Serial.printf("\n"); 
#endif 


// Set the status as no error 
message[offs++] = SW NO ERROR >> 8; 
messageloffs++] = SW NO ERROR & Oxff; 

messageSize - offs; 
#ifdef DEBUG 

Serial.printf("Returning success from u2f authenticate\n"); 
#endif 

doHIDOutput(); // output the response 


) 


// Callback function to pass to mbedtls 
int genEntropy(void *obj, unsigned char buf[], size t buflen) 4 
for (unsigned i = 0; i < buflen; i++) í 
buf[i] = Entropy.random(OxFF) ; 


return 0; 


) 


//The setup function is called once at startup of the sketch 
void setup() 4 
#ifdef DEBUG 
Serial.begin(9600); 
#endif 


// void usb init(void); 
// uint8 t usb configured(void); 

// blink 3 times to show that code has started and the serial port is 
opened 

pinMode(13, OUTPUT); 

for (int i = 0; i < 3; i++) í 
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digitalWrite(13, HIGH); 
delay(300); 
digitalWrite(13, LOW); 
delay (300); 

} 


#ifdef DEBUG 
while (!Serial) 


Serial.printf("\n\n------------------------------------ гай 
Serial.printf("Starting...\n"); 
Serial.print("Reading 128-bit UniqueID from chip: ; 
Serial.printf("908lx %081х 5081х %081х\п", SIM UIDH, SIM UIDMH, 
SIM UIDML, SIM UIDL); 
#endif 


Entropy.Initialize(); 


uECC set rng(MyRNG Function); 


) 
uint32 t count - 0; 


// The loop function is called in an endless loop 
void loop() 4 
#ifdef DEBUG 
//if (count%1000 == 0) 
/ / Serial.printf("Checking HID input, %d\n", count); 
#endif 
count++; 
processHIDInput(); 
delay(7); 


Teensy U2F.h 

// Only modify this file to include 
// - function definitions (prototypes) 
// - include files 

// - extern variable definitions 

// In the appropriate section 


#ifndef Teensy U2F H_ 

#define Teensy ЦЕН 

#include <Arduino.h> 

#include "usb rawhid.h" 

//add your includes for the project Teensy U2F here 
#include <Entropy.h> 

#include <EEPROM.h> 

#include "mbedtls/sha256.h" 


#define DEBUG 1 
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#define SIM UIDH (*(const uint32 t *)0x40048054) // Unique Identification 
Register High 

#define SIM UIDMH (*(const uint32 t *)0x40048058) // Unique Identification 
Register Mid-High 

#define SIM UIDML (*(const uint32 t *)0x4004805C) // Unique Identification 
Register Mid Low 

#define SIM UIDL (*(const uint32 t *)0x40048060) // Unique Identification 
Register Low 


#include «uECC.h» 


//end of add your includes here 


#define TYPE INIT 0x80 // Initial frame identifier 

#define U2FHID PING (TYPE INIT | 0x01) // Echo data through local 
processor only 

#define U2FHID MSG (TYPE INIT | 0x03) // Send U2F message frame 
#define U2FHID LOCK (TYPE INIT | 0x04) // Send lock channel 
command 

#define U2FHID INIT (TYPE INIT | 0x06) // Channel initialization 
#define U2FHID WINK (TYPE INIT | 0x08) // Send device 
identification wink 

#define U2FHID ERROR (TYPE INIT | Ox3f) // Error response 

#define CID BROADCAST Oxffffffff // Broadcast channel id 
#define U2FHID IF VERSION 2 // Current interface implementation 
version 

define CAPFLAG WINK 0x01 // Device supports WINK command 
#define CAPFLAG LOCK 0x02 // Device supports LOCK command 
#define U2F REGISTER 0x01 

#define U2F AUTHENTICATE 0x02 

#define U2F VERSION 0x03 


// Low-level error codes. Return as negatives. 

#define ERR NONE 0x00 // No error 

#define ERR INVALID CMD 0x01 // Invalid command 

#define ERR INVALID PAR 0x02 // Invalid parameter 

#define ERR INVALID LEN 0x03 // Invalid message length 
#define ERR INVALID SEQ 0x04 // Invalid message sequencing 
#define ERR MSG TIMEOUT 0x05 // Message has timed out 
#define ERR CHANNEL BUSY 0x06 // Channel busy 

#define ERR LOCK REQUIRED 0x0a // Command requires channel lock 
#define ERR INVALID CID ӨхӨр // Invalid CID 

#define ERR OTHER 0x7f // Other unspecified error 


#define MAX INITIAL PACKET 57 
#define MAX CONTINUATION PACKET 59 


#define STATE CHANNEL AVAILABLE 0 
#define STATE CHANNEL WAIT CONT 1 


#define SW NO ERROR 0x9000 
#define SW CONDITIONS NOT SATISFIED 0x6985 
#define SW WRONG DATA 0x6A80 
#define SW WRONG LENGTH 0x6700 
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#define SW INS NOT SUPPORTED 
#define SW CLA NOT SUPPORTED 


0x6D00 
0x6E00 


//add your function definitions for the project Teensy U2F here 


void 
void 
void 


processMessage() ; 
doHIDOutput(); 
doHIDErrorOutput(uint8 t err); 


void u2f register(byte data[], uint32 t dataLen); 
void u2f version(byte data[], uint32 t dataLen); 
void u2f authenticate(byte P1, byte data[], uint32 t dataLen); 


//Do not add code below this line 


#endif /* Teensy ЦЕ Н */ 


To build the hex file from the C++ project, on Eclipse CDT, in Project Properties > Arduino > 
Compile Options, append to C++ the command arguments "-fexceptions -frtti" and 
append to link the argument “--specs=nosys.specs” as shown below; 


Че Edit Source Refactor Navigate Search Project Run Window 


Help 
1| | | = : Pr 
& [0 [в |10 v ||@ (лға “2 :8- ые в:6:000000:%-:9 0 
Project Explorer 25 1| 
roject Explorer | Mr mm i 
E) @ Y 8 || Q Properties fo Te -1 
м 125 Teensy_U2F Teensy 4.0 :COM3 2220 | 
xm | 
5, ын type filter text Arduino yi У. 8 
a Archives 
i Includes Resource Я 
& соге Arduino 
Бэ libraries Builders Configuration: Release [ Active] vil 
м @ Release C/C++ Build 
(> core C/C++ General 
© libraries Linux Tools Path 49) Arduino board selection о Compile Options 
Project Natures 
Teensy U2F.cpp.o - [arm/le] J o s 
= А show all warnings? 
$s Teensy U2F.elf - [arm/le] Project References | 5 
£j arduino.ar Run/Debug Settings L Use alternative size command? (AVR only) 
[ò makefile ask КЕрозяоту append to C and C++ 
[à objects.mk Task Tags 
[ò sources.mk НЭРЭЭ append to C++ -fexceptions -frtti 
Lë subdir.mk WikiText append to C 
» er Ші са append to assembly 
B Teensy U2F.hex | append to archive 
À Te U2F. | : 
5 син б [U append to link --specs=nosys.specs L 
о pcd. ІП append to all ї 
| 21 
» 
© Apply and Close Cancel 


Tact малана 


S Fehriisn: 70171 TRASU 


Image 13: Arduino Compile options on Eclipse CDT 
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